package tech.xiaozai.rbac.controller;



import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import tech.xiaozai.common.CommonPage;
import tech.xiaozai.common.exception.BusinessException;
import tech.xiaozai.common.restful.RestResp;

import tech.xiaozai.rbac.bo.UserBO;
import tech.xiaozai.rbac.domain.UserQueryInfo;
import tech.xiaozai.rbac.domain.UserRoleBean;
import tech.xiaozai.rbac.po.SysUser;
import tech.xiaozai.rbac.service.UserService;

import javax.validation.Valid;
import java.util.LinkedList;
import java.util.List;


/**
 * @author xiaozai
 * @version 1.0
 * @date 2020-09-15 10:56
 */
@RestController
public class SysUserController {

    @Autowired
    private UserService userService;


    /**
     *  传主键，获取用户信息
     */
    @PreAuthorize("hasAuthority('url:user:detail')")
    @ApiOperation(value = "通过ID获取用户信息",notes = "id参数必填")
    @RequestMapping(value = "/users/{id}", method = RequestMethod.GET)
    public RestResp<SysUser> get(@PathVariable Long id){
        return RestResp.ok(userService.getById(id));
    }

    /**
     *  分页获取用户列表  搜索用户,可以传入一些关键字,可能去匹配用户名，也可能去匹配密码
     */
    @PreAuthorize("hasAuthority('url:user:list')")
    @ApiOperation(value = "分页查找用户",notes = "pageNum和pageSize为必填项")
    @RequestMapping(value = "/users", method = RequestMethod.GET)
    public RestResp<CommonPage<UserBO>> page(@Valid UserQueryInfo userQueryInfo){
        System.out.println("userQueryInfo="+userQueryInfo);

        return RestResp.ok(userService.page(userQueryInfo.getPageNum(),userQueryInfo.getPageSize(),userQueryInfo));

    }

    @PreAuthorize("hasAuthority('url:user:add')")
    @ApiOperation(value = "添加用户",notes = "只有用户名和密码是必填项,添加成功后返回的就是用户信息")
    @RequestMapping(value = "/users",method = RequestMethod.POST)
    public RestResp<SysUser> add(@RequestBody SysUser user){
        System.out.println("user="+user);
        userService.insert(user);
        return RestResp.ok(userService.getById(user.getId()));
    }

    @PreAuthorize("hasAuthority('url:user:update')")
    @ApiOperation(value = "全量更新用户信息",notes = "id为必填项，不需要修改的字段可以赋空")
    @RequestMapping(value = "/users",method = RequestMethod.PUT)
    public RestResp<SysUser> update(@RequestBody SysUser user){
        userService.update(user);
        return RestResp.ok(userService.getById(user.getId()));
    }

    @PreAuthorize("hasAuthority('url:user:delete')")
    @ApiOperation(value = "删除用户",notes = "id参数为必填项,如果用户不存在，则返回400错误")
    @RequestMapping(value = "/users/{id}",method = RequestMethod.DELETE)
    public RestResp delete(@PathVariable Long id){
        SysUser user = userService.getById(id);
        if(user==null){
            throw new BusinessException("要删除的id为["+id+"]的用户不存在");
        }
        userService.delete(id);
        return RestResp.ok();
    }

    @PreAuthorize("hasAuthority('url:user:update')")
    @ApiOperation(value="修改用户的角色信息")
    @RequestMapping(value = "/users/roles",method = RequestMethod.PUT)
    public RestResp<List<Long>> updateRolesOfUser(@RequestBody UserRoleBean bean){
        List<Long> rids = new LinkedList<>(bean.getRoleIds());
        userService.updateRolesOfUser(bean.getUserId(),bean.getRoleIds());
        return RestResp.ok(rids);
    }



}
